US12367290B2ActiveUtilityPatentIndex 51
Systems and methods for security state optimization of SPDM-enabled devices
Est. expiryFeb 21, 2043(~16.6 yrs left)· nominal 20-yr term from priority
Inventors:RADHAKRISHNAN VINEETHTHANKAPPAN MINI THOTTUNKALRAHIMAN SHINOSE ABDULBISA RAMA RAORAMAIAH DHARMA BHUSHAN
G06F 21/575G06F 2221/033G06F 21/57G06F 21/577
51
PatentIndex Score
0
Cited by
12
References
17
Claims
Abstract
According to embodiments of the present disclosure, an Information Handling System (IHS) includes a plurality of Security Protocol and Data Model (SPDM)-enabled devices conforming to a SPDM specification, and instructions stored in a memory and executable by a processor to communicate with the SPDM-enabled devices to derive a trust score for each of the SPDM-enabled devices, and perform one or more optimization actions to optimize an overall security state of the IHS.
Claims
exact text as granted — not AI-modifiedThe invention claimed is:
1. An Information Handling System (IHS), comprising:
a plurality of Security Protocol and Data Model (SPDM)-enabled devices conforming to a SPDM specification;
a processor; and
a memory coupled to the processor, the memory having program instructions stored thereon that, upon execution, cause the IHS to:
communicate out-of-band with each SPDM-enabled device of the plurality of SPDM-enabled devices before launching an Operating System (OS) to boot the IHS from at least one SPDM-enabled device of the plurality of SPDM-enabled devices, to derive a trust score for each of the plurality of SPDM-enabled devices, based at least in part on performing an attestation process using a Root-of-Trust (ROT) accessible to the IHS, the attestation process comprising issuing an authentication challenge to and receiving an authentication response from each of the SPDM-enabled devices;
determine, before booting the IHS and based at least in part on the authentication response and the RoT, whether any SPDM-enabled device of the plurality of SPDM-enabled devices failed the authentication challenge;
determine, before booting the IHS and based at least in part on a boot order configuration in a Basic Input/Output System (BIOS) configured in the IHS, whether the IHS is scheduled to boot from any device of the plurality of SPDM-enabled devices that failed the authentication challenge;
in response to a determination that the IHS is scheduled to boot from any device of the plurality of SPDM-enabled devices that failed the authentication challenge, select another SPDM-enabled device of the plurality of SPDM-enabled devices that succeeded the authentication challenge, and permit the IHS to boot from the selected SPDM-enabled device; and
perform one or more optimization actions to optimize an overall security state of the IHS.
2. The IHS of claim 1 , wherein the program instructions, upon execution, further cause the IHS to perform the one or more optimization actions by:
deriving an overall trust score for the plurality of SPDM-enabled devices that are configured in a server;
obtaining configuration information associated with each of the SPDM-enabled devices;
sending the configuration information to an online optimization service, wherein the online service is configured to identify one or more recommendations for changing a configuration of at least one of the SPDM-enabled devices to optimize the overall trust score of the server;
receiving the one or more recommendations from the online optimization service; and
presenting the one or more recommendations to a user of the IHS.
3. The IHS of claim 2 , wherein the plurality of SPDM-enabled devices are configured in a plurality of servers comprising a cluster, the overall trust score comprising a metric value associated with a security state level of the cluster.
4. The IHS of claim 3 , wherein the program instructions, upon execution, further cause the IHS to:
generate a benchmark trust score comprising a metric value attributed to an optimal configuration of the SPDM-enabled devices in the cluster; and
present the generated benchmark trust score and the overall trust score for consumption by the user.
5. The IHS of claim 2 , wherein the overall trust score is based at least in part, on a firmware version of one SPDM-enabled device relative to a firmware version of a second SPDM-enabled device, or on a software version of one respective SPDM-enabled device relative to a software version of a second respective SPDM-enabled device.
6. The IHS of claim 1 , wherein the program instructions, upon execution, further cause the IHS to perform the attestation process when the IHS is in a S5 state.
7. The IHS of claim 1 , further comprising:
a Baseboard Management Controller (BMC) configured to perform the attestation process; and
a Basic Input/Output System (BIOS) configured to inhibit the IHS from being booted with the one SPDM-enabled device that failed the attestation process.
8. The IHS of claim 7 , wherein the BMC communicates with the BIOS using a Keyboard Controller Style (KCS) channel.
9. The IHS of claim 1 , wherein at least one SPDM-enabled device that failed the attestation process is configured to perform at least one function associated with a bootstrapping process of the IHS.
10. A security state optimization method comprising:
communicating out-of-band with a plurality of Security Protocol and Data Model (SPDM)-enabled devices before launching an Operating System (OS) to boot an Information Handling System (IHS) from at least one SPDM-enabled device of the plurality of SPDM-enabled devices, to derive a trust score for each of the plurality of SPDM-enabled devices, based at least in part on performing an attestation process using a Root-of-Trust (ROT) accessible to the IHS, the attestation process comprising issuing an authentication challenge to and receiving an authentication response from each of the SPDM-enabled devices;
determining, before launching the OS and based at least in part on the authentication response and the ROT, whether any SPDM-enabled device of the plurality of SPDM-enabled devices failed the authentication challenge;
determining, before launching the OS and based at least in part on a boot order configuration in a Basic Input/Output System (BIOS) configured in the IHS, whether the IHS is scheduled to boot from any device of the plurality of SPDM-enabled devices that failed the authentication challenge; and
in response to a determination that the IHS is scheduled to boot from any device of the plurality of SPDM-enabled devices that failed the authentication challenge, select another SPDM-enabled device of the plurality of SPDM-enabled devices that succeeded the authentication challenge, and permit the IHS to boot based on launching the OS from the selected SPDM-enabled device; and
performing one or more optimization actions to optimize an overall security state of the IHS.
11. The security state optimization method of claim 10 , further comprising:
deriving an overall trust score for the plurality of SPDM-enabled devices that are configured in a server;
obtaining configuration information associated with each of the SPDM-enabled devices;
sending the configuration information to an online optimization service, wherein the online optimization service is configured to identify one or more recommendations for changing a configuration of at least one of the SPDM-enabled devices to optimize the overall trust score of the server;
receiving the one or more recommendations from the online optimization service; and
presenting the one or more recommendations to a user of the IHS.
12. The security state optimization method of claim 11 , further comprising:
generating a benchmark trust score comprising a metric value attributed to an optimal configuration of the plurality of SPDM-enabled devices in a cluster comprising a plurality of servers; and
presenting the generated benchmark trust score and the overall trust score for consumption by the user.
13. A computer program product comprising a non-transitory computer readable storage medium having program instructions stored thereon that, upon execution by a Baseboard Management Controller (BMC), cause the BMC to:
communicate out-of-band with each Security Protocol and Data Model (SPDM)-enabled device of a plurality of SPDM-enabled devices configured in an Information Handling System (IHS) before launching an Operating System (OS) to boot the IHS from at least one SPDM-enabled device of the plurality of SPDM-enabled devices, to derive a trust score for each SPDM-enabled device of the plurality of SPDM-enabled devices, based at least in part on performing an attestation process using a Root-of-Trust (ROT) accessible to the IHS, the attestation process comprising issuing an authentication challenge to and receiving an authentication response from each of the SPDM-enabled devices, wherein the plurality of SPDM-enabled devices conform to an SPDM specification;
determine, before booting the IHS and based at least in part on the authentication response and the ROT, whether any SPDM-enabled device of the plurality of SPDM-enabled devices failed the authentication challenge;
determine, before booting the IHS and based at least in part on a boot order configuration in a Basic Input/Output System (BIOS) configured in the IHS, whether the IHS is scheduled to boot from any device of the plurality of SPDM-enabled devices that failed the authentication challenge;
in response to a determination that the IHS is scheduled to boot from any device of the plurality of SPDM-enabled devices that failed the authentication challenge, select another SPDM-enabled device of the plurality of SPDM-enabled devices that succeeded the authentication challenge, and permit the IHS to boot from the selected SPDM-enabled device; and
perform one or more optimization actions to optimize an overall security state of the IHS.
14. The computer program product of claim 13 , wherein the program instructions, upon execution, further cause the BMC to perform the one or more optimization actions by:
deriving an overall trust score for the plurality of SPDM-enabled devices that are configured in a server;
obtaining configuration information associated with each of the SPDM-enabled devices;
sending the configuration information to an online optimization service, wherein the online optimization service is configured to identify one or more recommendations for changing a configuration of at least one of the SPDM-enabled devices to optimize the overall trust score of the server;
receiving the one or more recommendations from the online optimization service; and
presenting the one or more recommendations to a user of the IHS.
15. The computer program product of claim 14 , wherein the SPDM-enabled devices are configured in a plurality of servers comprising a cluster, the overall trust score comprising a metric value associated with a security state level of the cluster.
16. The computer program product of claim 15 , wherein the program instructions, upon execution, further cause the IHS to:
generate a benchmark trust score comprising a metric value attributed to an optimal configuration of the SPDM-enabled devices in the cluster; and
present the generated benchmark trust score and the overall trust score for consumption by the user.
17. The computer program product of claim 13 , wherein at least one SPDM-enabled device that failed the attestation process is configured to perform at least one function associated with a bootstrapping process of the IHS.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.